There are some ISPs, however, that do not use any of the outlined techniques
from RFC 2267 and that do not filter your announcements. In fact, some
actually announce to the rest of the Internet all the routes that exist in
your network. Ingress traffic filtering is a condition in which an ISP accepts
only packets with a source address in an administrative range that belongs to
one of the ISP's customers. If all the ISPs on the Internet filtered using
ingress filtering based on source addresses, the Internet as a whole would
gain considerable immunity to malicious hackers' denial-of-service attacks.
The reason is that hackers would not be able to insert a randomly generated
or invalid source address in the packets used to attack other networks.
Hackers use these addresses to prevent the attacked network from learning
the true source. Ingress source filtering would block these packets before
they could enter the network.
BGP Update Messages
The biggest difference between an IGP and BGP is the amount of additional
information passed between the devices running the protocol, because of
the amount of routing information that must be passed. IGPs sometimes use
a prefix, metric, tagging, or a shortest path algorithm such as that found in
the Open Shortest Path First (OSPF) protocol. The updates used by an IGP
can be small compared to the routing updates for BGP, which have the
potential of carrying many path attributes.
RIP is a simple IGP that carries only a few attributes, such as metric
information and the next hop. OSPF is a much more complex routing protocol
that has path attributes such as intra-area, inter-area, and external status.
BGP has the ability to attach many attributes to a given route. The minimum
set of path attributes that can be included in an update message is the source
of the update, called the ORIGIN attribute, and the hop information, called
the AS_PATH attribute.
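The ORIGIN and AS_PATH attributes described above can be read directly from an UPDATE message on the wire. The following is an added example, not code from the book: a bounds-checked parser that assumes the RFC 4271 message layout with 2-octet AS numbers. The function names and the sample message are constructed for illustration.

```python
import struct

ORIGIN_NAMES = {0: "IGP", 1: "EGP", 2: "INCOMPLETE"}
SEGMENT_NAMES = {1: "AS_SET", 2: "AS_SEQUENCE"}

def parse_as_path(value):  # assumes 2-octet AS numbers
    segments, i = [], 0
    while i < len(value):
        count = int.from_bytes(value[i + 1:i + 2], "big")  # 0 if header is cut short
        stop = i + 2 + 2 * count
        if value[i] not in SEGMENT_NAMES or stop > len(value):
            raise ValueError("malformed AS_PATH segment")
        asns = list(struct.unpack(f"!{count}H", value[i + 2:stop]))
        segments.append((SEGMENT_NAMES[value[i]], asns))
        i = stop
    return segments

def parse_update(msg):
    """Return ORIGIN and AS_PATH from one UPDATE; raise ValueError if malformed."""
    if len(msg) < 23 or msg[:16] != b"\xff" * 16:
        raise ValueError("short message or bad marker")
    length, msg_type = struct.unpack("!HB", msg[16:19])
    if msg_type != 2 or length != len(msg):
        raise ValueError("not an UPDATE or length field mismatch")
    pos = 21 + int.from_bytes(msg[19:21], "big")  # skip withdrawn routes
    end = pos + 2 + int.from_bytes(msg[pos:pos + 2], "big")
    if end > len(msg):
        raise ValueError("withdrawn routes or attributes overrun message")
    pos, found = pos + 2, {}
    while pos < end:
        hdr = 4 if msg[pos] & 0x10 else 3  # extended-length flag
        if pos + hdr > end:
            raise ValueError("truncated attribute header")
        alen = int.from_bytes(msg[pos + 2:pos + hdr], "big")
        code, value = msg[pos + 1], msg[pos + hdr:pos + hdr + alen]
        pos += hdr + alen
        if pos > end:
            raise ValueError("attribute overruns attribute block")
        if code == 1 and alen == 1 and value[0] in ORIGIN_NAMES:  # ORIGIN
            found["origin"] = ORIGIN_NAMES[value[0]]
        elif code == 2:  # AS_PATH
            found["as_path"] = parse_as_path(value)
    if end < len(msg) and not found.keys() >= {"origin", "as_path"}:
        raise ValueError("NLRI present but ORIGIN or AS_PATH missing")
    return found

# Constructed sample: ORIGIN=IGP, AS_PATH 65001 65002, NEXT_HOP, NLRI 198.51.100.0/24
SAMPLE = bytes.fromhex("ff" * 16 + "002f02" "0000" "0014" "40010100"
                       "4002060202fde9fdea" "400304c0000201" "18c63364")
```

Calling `parse_update(SAMPLE)` returns the origin and the AS sequence; a message that announces prefixes without both attributes, or whose length fields disagree with the bytes received, is rejected with `ValueError`.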
When two routers running BGP begin a communication process to
exchange dynamic routing information, they use a TCP port at Layer 4 of the
OSI Reference Model. Specifically, TCP port 179 is used. The two routers
are called endpoints, BGP peers, or BGP neighbors, and their communications,
which are reliable connection-oriented connections, are referred to as
sessions. When a router advertises its prefixes or routes, this router is known
as a BGP speaker. The routes that it advertises are considered valid by the
Copyright ©2001 SYBEX, Inc., Alameda, CA
www.sybex.com